Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backto parameter.
References
Configurations
Information
Published : 2009-04-28 09:30
Updated : 2017-08-16 18:29
NVD link : CVE-2008-6762
Mitre link : CVE-2008-6762
JSON object : View
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')
Products Affected
wordpress
- wordpress